Oddbean new post about login | logout What Arthur is saying is that 2. cannot be trusted. The app could show you these icons of the verifiers without them having really verified anything.
yeah, or like #nostrudel where it shows a verified badge but you have to click to the profile to see the domain associated with it he added a color ring around avatars which goes some way but those things can be faked in about 2-3 weeks of vanity key mining, as well
yes, colors can be minted, and they are only useful to the extent you remember the colors of the people you are following. I could probably remember 20 or 30, so not really useful.
The whole point of a follow is that you don't have to remember anything about them. That's why you literally bookmark them.
Colours are useful: - to find yourself - to find someone new (I'm pippelina. Pink pippelina 😎) - for imposter detection services (If pfp, bio, last digits of npub, color, ... match with an earlier created profile)
i think color, last 6 characters of the pubkey, and the nip-05 URL should all appear right next to the display name always
Good Imposter detection + removal goes a long way. (will probably some kind of timestamp yes) No way that I'm showing anything more than Display Name + Following/Not icon on 95% of screens.
Yes, I know. Every app can fake everything. That's why I think a verification button that opens the same data set somewhere else (that you already know) in the onboarding process is a good solution. It beats blindly trusting the app or centralizing "Nostr login" to a few honeypot services. A newcomer that is only part of Nostr group chat and then opens his first new app can do a loooot more with trusting the app he already knows and the Web of Verification that that app has, than with trusting who the other chat members are following.